Jump to content


Photo

pm box


  • Please log in to reply
4 replies to this topic

#1 aebstract

aebstract
  • Members
  • PipPipPip
  • Advanced Member
  • 1,105 posts

Posted 16 June 2006 - 04:42 PM

Hi, I am trying to get my pm send form to insert the data from the form in to the database so that whoever is recieving the pm can view it. Everything is working fine, except it won't put the information in. Can anyone help me with this? The problem is in the if (action == compose) { section of the script, and here the script is:


<?php  
session_start(); 
header("Cache-control: private");   
if(!isset($_SESSION["id"]))  
{  
header("Location: index.php?menu=mustlogin");  
}



if($action == compose){
$content .= '<div id="pmbox">';


if (isset ($_POST['submit'])) { 
$problem = FALSE;  
$_POST['reciever'] = strip_tags($_POST['reciever']); 
$_POST['subject'] = strip_tags($_POST['subject']); 
$_POST['message'] = strip_tags($_POST['message']);   

if (empty ($_POST['reciever'])) { 
$problem = TRUE; $content .= 'Reciever is a required field<br />'; 
}  

if (empty ($_POST['subject'])) { 
$problem = TRUE; 
$content .= 'Subject is a required field<br />'; 
}  

if (empty ($_POST['message'])) { 
$problem = TRUE; 
$content .= 'Message is a required field<br />'; 
}  

$query = mysql_query("SELECT id FROM accounts WHERE username = '".$_POST['reciever']."'");
$query = mysql_fetch_array($query);         
if ($query){     
$recieverid = $query['id'];                  

} else {         

$problem = TRUE;         
$content .= 'Invalid Username<br />'; 

}   
if (!$problem) {  
$reciever = $_POST['reciever']; 
$subject = $_POST['subject']; 
$message = $_POST['message']; 
$datesent = date('F j, Y - g:i a');   
$result = MYSQL_QUERY("INSERT INTO pmbox (recieverid,sender,senderid,message,subject,datesent,read)". "VALUES ('$recieverid', '$username', '$id', '$message', '$subject', '$datesent', '0')");  
include "connect.php";    
header ("Location: index.php?menu=pmbox&action=pmsent");  
} else { 
$content .= '<br />'; 
} 
}    
$content .= '
  
<form action="index.php?menu=pmbox&action=compose" method="post">   
Reciever: <br />
<input type="text" maxlength="14" class="textfield" name="reciever" size="20" value="' . $_POST['reciever'] . '" />
<br /> 
Subject: <br />
<input type="text" class="textfield" name="subject" maxlength="15" size="20" value="' . $_POST['subject'] . '" />
<br /> 
Message: <br /><textarea class="textfield" name="message" rows="10" cols="40" value="' . $_POST['message'] . '"></textarea>
<br /><br />   
<input type="submit" name="submit" value="Send PM" class="textfield" />
</form>   

'; 



$content .= '</div>';
} elseif ($action == sentmail){

$content .= '
<div id="pmbox">
sent mail
</div>
';




} else {
$content .= '<div id="pmbox">
<table><tr id="trone"><td id="tdone">From:</td><td id="tdtwo">Subject:</td><td id="tdthree">Date:</td></tr>

';

$result = mysql_query("SELECT * FROM pmbox WHERE recieverid = '$id'");     
while($r=mysql_fetch_array($result))  {  
$sender=$r["sender"];  
$senderid=$r["senderid"];  
$message=$r["message"];  
$subject=$r["subject"]; 
$datesent=$r["datesent"]; 
$pmid=$r["pmid"];  
$content .= "

<tr id=trtwo><td id=tdone><a href=index.php?menu=profileview&user=$senderid>$sender</a></td><td id=tdtwo><a href=index.php?menu=pmbox&action=read&read=$pmid>$subject</a></td><td id=tdthree>$datesent</td></tr>


";
}

$content .= "</table></div>";
}



?>


thanks

There is an area of the mind that could be called unsane, beyond sanity, and yet
not insane. Think of a circle with a fine split in it. At one end there's
insanity. You go around the circle to sanity, and on the other end of the
circle, close to insanity, but not insanity, is unsanity.


#2 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 16 June 2006 - 04:53 PM

your either missing some quotes if compose is supposed to be a value or a $ if it's supposed to be another variable

if ($action == 'compose') {

or

if ($action == $compose) {

but also, i don't see where you've even set $action to compare it to anything... i'm gonna take a guess and say that $action is being passed in the url from a link, like blah.php?action=blah

?

you need to do like

$action = $_GET['action'];

if you want to use $action in that way. so if you were shooting for having a link like

blah.php?action=compose

then you would do like:

$action=$_GET['action'];
if ($action == 'compose') {
.
.
}
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#3 aebstract

aebstract
  • Members
  • PipPipPip
  • Advanced Member
  • 1,105 posts

Posted 16 June 2006 - 05:24 PM

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Everything is working fine, except it won't put the information in.[/quote]

^^

There is an area of the mind that could be called unsane, beyond sanity, and yet
not insane. Think of a circle with a fine split in it. At one end there's
insanity. You go around the circle to sanity, and on the other end of the
circle, close to insanity, but not insanity, is unsanity.


#4 aebstract

aebstract
  • Members
  • PipPipPip
  • Advanced Member
  • 1,105 posts

Posted 17 June 2006 - 12:15 AM

Okay so the code section that is having the problem is here:

if($action == compose){
$content .= '<div id="pmbox">';


if (isset ($_POST['submit'])) { 
$problem = FALSE;  
$_POST['reciever'] = strip_tags($_POST['reciever']); 
$_POST['subject'] = strip_tags($_POST['subject']); 
$_POST['message'] = strip_tags($_POST['message']);   

if (empty ($_POST['reciever'])) { 
$problem = TRUE; $content .= 'Reciever is a required field<br />'; 
}  

if (empty ($_POST['subject'])) { 
$problem = TRUE; 
$content .= 'Subject is a required field<br />'; 
}  

if (empty ($_POST['message'])) { 
$problem = TRUE; 
$content .= 'Message is a required field<br />'; 
}  

$query = mysql_query("SELECT id FROM accounts WHERE username = '".$_POST['reciever']."'");
$query = mysql_fetch_array($query);         
if ($query){     
$recieverid = $query['id'];                  

} else {         

$problem = TRUE;         
$content .= 'Invalid Username<br />'; 

}   
if (!$problem) {  
$reciever = $_POST['reciever']; 
$subject = $_POST['subject']; 
$message = $_POST['message']; 
$datesent = date('F j, Y - g:i a');  
 
$insert = mysql_query("INSERT INTO pmbox (recieverid,sender,senderid,message,subject,datesent,read)".
"VALUES ('$recieverid', '$username', '$id', '$message', '$subject', '$datesent', '0')");


header ("Location: index.php?menu=pmbox&action=pmsent");  
} else { 
$content .= '<br />'; 
} 
}    
$content .= '
  
<form action="index.php?menu=pmbox&action=compose" method="post">   
Reciever: <br />
<input type="text" maxlength="14" class="textfield" name="reciever" size="20" value="' . $_POST['reciever'] . '" />
<br /> 
Subject: <br />
<input type="text" class="textfield" name="subject" maxlength="15" size="20" value="' . $_POST['subject'] . '" />
<br /> 
Message: <br /><textarea class="textfield" name="message" rows="10" cols="40" value="' . $_POST['message'] . '"></textarea>
<br /><br />   
<input type="submit" name="submit" value="Send PM" class="textfield" />
</form>   

'; 



$content .= '</div>';


Like I said, I know the url/variable stuff is working, cause it works on the other parts that are just like this. The problem is the information actually getting placed in to the database. If theres some kind of code I can put in to test for the error, please shoot it at me and explain and I will give it a shot, if you can see the problem.. that helps too! :P Thanks!

There is an area of the mind that could be called unsane, beyond sanity, and yet
not insane. Think of a circle with a fine split in it. At one end there's
insanity. You go around the circle to sanity, and on the other end of the
circle, close to insanity, but not insanity, is unsanity.


#5 AndyB

AndyB
  • Staff Alumni
  • Advanced Member
  • 5,465 posts
  • LocationToronto

Posted 17 June 2006 - 02:18 AM

read is a reserved word in MySQL so you cannot use it as a fieldname in a database table. The solution is either to rename it (best), or use backticks on it `read`.

If your query action had included error trapping, you would have spotted this immediately.

[a href=\"http://www.htmlite.com/mysql002a.php\" target=\"_blank\"]http://www.htmlite.com/mysql002a.php[/a] is a nice list of MySQL reserved words that is worth book-marking.
Legend has it that reading the manual never killed anyone.
My site




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users